DKIM: Predefined macro for standard headers, oversigned

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 8e7cb4d9275e0b55ad3c84ba0158add9a65393ed..87e5e088f4a0763a9c8ab8121fd85523b17b7454 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -40426,7 +40426,7 @@ only supports signing with the same canonicalization method for both headers and
 .option dkim_strict smtp string&!! unset
 This  option  defines  how  Exim  behaves  when  signing a message that
 should be signed fails for some reason.  When the expansion evaluates to
-either "1" or "true", Exim will defer. Otherwise Exim will send the message
+either &"1"& or &"true"&, Exim will defer. Otherwise Exim will send the message
 unsigned. You can use the &%$dkim_domain%& and &%$dkim_selector%& expansion
 variables here.
 
@@ -40438,16 +40438,19 @@ in the message signature.
 When unspecified, the header names listed in RFC4871 will be used,
 whether or not each header is present in the message.
 The default list is available for the expansion in the macro
-"_DKIM_SIGN_HEADERS".
+&"_DKIM_SIGN_HEADERS"&
+.new
+and an oversigning variant is in &"_DKIM_OVERSIGN_HEADERS"&.
+.wen
 
 If a name is repeated, multiple headers by that name (or the absence thereof)
 will be signed.  The textually later headers in the headers part of the
 message are signed first, if there are multiples.
 
-A name can be prefixed with either an '=' or a '+' character.
-If an '=' prefix is used, all headers that are present with this name
+A name can be prefixed with either an &"="& or a &"+"& character.
+If an &"="& prefix is used, all headers that are present with this name
 will be signed.
-If a '+' prefix if used, all headers that are present with this name
+If a &"+"& prefix if used, all headers that are present with this name
 will be signed, and one signature added for a missing header with the
 name will be appended.
 

diff --git a/src/src/dkim.c b/src/src/dkim.c
index 5c9d2279e165767715385013862a330b81023c9d..031372720c4e950d57594349453209e3656624e9 100644 (file)
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -21,6 +21,7 @@ void
 params_dkim(void)
 {
 builtin_macro_create_var(US"_DKIM_SIGN_HEADERS", US PDKIM_DEFAULT_SIGN_HEADERS);
+builtin_macro_create_var(US"_DKIM_OVERSIGN_HEADERS", US PDKIM_OVERSIGN_HEADERS);
 }
 # else /*!MACRO_PREDEF*/
 

diff --git a/src/src/pdkim/pdkim.h b/src/src/pdkim/pdkim.h
index 0c9d46d011d0b4baabe047aa330ca190203e73d6..5ae0f7f4593d08efed5cf423eb1ddd2fe697657d 100644 (file)
--- a/src/src/pdkim/pdkim.h
+++ b/src/src/pdkim/pdkim.h
@@ -35,6 +35,15 @@
                              "List-Id:List-Help:List-Unsubscribe:"\
                              "List-Subscribe:List-Post:List-Owner:List-Archive"
 
+#define PDKIM_OVERSIGN_HEADERS "+From:+Sender:+Reply-To:+Subject:+Date:"\
+                             "+Message-ID:+To:+Cc:+MIME-Version:+Content-Type:"\
+                             "+Content-Transfer-Encoding:+Content-ID:"\
+                             "+Content-Description:+Resent-Date:+Resent-From:"\
+                             "+Resent-Sender:+Resent-To:+Resent-Cc:"\
+                             "+Resent-Message-ID:+In-Reply-To:+References:"\
+                             "+List-Id:+List-Help:+List-Unsubscribe:"\
+                             "+List-Subscribe:+List-Post:+List-Owner:+List-Archive"
+
 /* -------------------------------------------------------------------------- */
 /* Length of the preallocated buffer for the "answer" from the dns/txt
    callback function. This should match the maximum RDLENGTH from DNS. */